Elbit Systems of America
Systems Security Engineer - Cyber Security Embedded Systems
Elbit Systems of America - Merrimack, New Hampshire, us, 03054
Work at Elbit Systems of America
Overview
- View job
Overview
Secure System Principal Cyber Engineer
Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Secure System Principal Cyber Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree. The Secure System Principal Cyber Engineer works as a member of the Engineering team in support of contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of Elbit Systems of America's products. The candidate shall be gain experience in developing Risk Management Framework (RMF) artifacts and shall understand system categorization and deduce NIST, DoD, CNSSI, and NSTSSM regulations into product cybersecurity requirements. The candidate shall gain experience with NIST 800-53 and CNSSI 1253 security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems. This candidate will interact directly with multidiscipline professionals in the planning and implementation of assigned projects. Responsibilities and tasks include: Providing individual technical contribution and cyber security engineering leadership in the development of advanced systems for the US DoD, including providing system concept definition, cyber security requirements development and analysis, new technology assessments, evaluation of alternative technical solutions, and hands-on cyber security tasks. Supporting engineering project teams in the pursuit of new business, including the definition of advanced design concepts to address customer needs, the preparation of engineering inputs, cost estimates, and schedules for proposals. Working with others including interfacing with internal and external project teams, company personnel (Engineering, Operations, Program Management, Business Development), and the customer community. Performing various duties related to the day-to-day operations of the Cyber Security Engineering team, including: Being a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF) Evaluating new and existing embedded systems and architects the software, firmware, and hardware requirements from a system engineering perspective Participating in development efforts to ensure cybersecurity controls are integrated to meet platform security posture and the Department of Defense (DoD) Authorizing Officials program requirements Participating in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports Performing product security reviews with the ability to communicate issues and risks in business terms and make recommendations that balance risk/reward tradeoffs Recommending embedded cybersecurity defense and countermeasures for avionics product designs Researching, evaluating, and assessing emerging embedded cyber security threats and technologies Evaluating and testing new cybersecurity tools and capabilities Analyzing static and dynamic source code scans to achieve Software Assurance (SwA) goals Suggesting and implementing new tools and efficiency improvements for the development of secure software Conducting research and preparing reports based on findings, to include recommendations or alternative proposals for action Providing training and mentoring to more junior staff members Providing solutions to a variety of technical problems of moderate scope and complexity as part of a project team Demonstrating leadership qualities and acting as a role model. Contributing to cost/scope estimation May lead functional tasks or projects Working independently to solve a wide range of complex problems requiring the regular use of ingenuity and creativity Education, experience, and license or certification requirements include: Hold an accredited Bachelor in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 9 years of experience in cyber security and/or secure system/embedded systems. OR Hold an accredited Master in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 7 years of experience in cyber security and/or secure system/embedded systems. OR Hold an accredited Ph.D. in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 4 years of experience in cyber security and/or secure system/embedded systems. Skills and abilities include: Experience with the Risk Management Framework (RMF), knowledge of embedded system security architectures and engineering approaches to building system security solutions, experience with Department of Defense, Government Certification and Authorizing Officials or federal customer base, and Software development experience in one of the following core languages: C, C++, or C#. Understanding security vulnerabilities found via security tools (i.e., HP Fortify, Klocwork, Nessus/Tenable, and others) and you have static/dynamic code analysis experience. Excellent written and oral communication skills, the ability to understand and follow complex, detailed instructions, and the ability to work both independently and in a team environment. Must be able to approach technical problems logically and scientifically. Must be flexible and able to handle multiple priorities, and be able to work for short to moderate periods without direct supervision. Computer skills, familiarity with basic shop tools and/or machine equipment, and an aptitude and understanding of basic electrical, mechanical, optical, or software engineering principles. Requires technical writing and documentation skills. CISSP or equivalent certification. Travel/Physical Requirements: Able to travel domestically and internationally up to 20% to support projects.
Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Secure System Principal Cyber Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree. The Secure System Principal Cyber Engineer works as a member of the Engineering team in support of contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of Elbit Systems of America's products. The candidate shall be gain experience in developing Risk Management Framework (RMF) artifacts and shall understand system categorization and deduce NIST, DoD, CNSSI, and NSTSSM regulations into product cybersecurity requirements. The candidate shall gain experience with NIST 800-53 and CNSSI 1253 security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems. This candidate will interact directly with multidiscipline professionals in the planning and implementation of assigned projects. Responsibilities and tasks include: Providing individual technical contribution and cyber security engineering leadership in the development of advanced systems for the US DoD, including providing system concept definition, cyber security requirements development and analysis, new technology assessments, evaluation of alternative technical solutions, and hands-on cyber security tasks. Supporting engineering project teams in the pursuit of new business, including the definition of advanced design concepts to address customer needs, the preparation of engineering inputs, cost estimates, and schedules for proposals. Working with others including interfacing with internal and external project teams, company personnel (Engineering, Operations, Program Management, Business Development), and the customer community. Performing various duties related to the day-to-day operations of the Cyber Security Engineering team, including: Being a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF) Evaluating new and existing embedded systems and architects the software, firmware, and hardware requirements from a system engineering perspective Participating in development efforts to ensure cybersecurity controls are integrated to meet platform security posture and the Department of Defense (DoD) Authorizing Officials program requirements Participating in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports Performing product security reviews with the ability to communicate issues and risks in business terms and make recommendations that balance risk/reward tradeoffs Recommending embedded cybersecurity defense and countermeasures for avionics product designs Researching, evaluating, and assessing emerging embedded cyber security threats and technologies Evaluating and testing new cybersecurity tools and capabilities Analyzing static and dynamic source code scans to achieve Software Assurance (SwA) goals Suggesting and implementing new tools and efficiency improvements for the development of secure software Conducting research and preparing reports based on findings, to include recommendations or alternative proposals for action Providing training and mentoring to more junior staff members Providing solutions to a variety of technical problems of moderate scope and complexity as part of a project team Demonstrating leadership qualities and acting as a role model. Contributing to cost/scope estimation May lead functional tasks or projects Working independently to solve a wide range of complex problems requiring the regular use of ingenuity and creativity Education, experience, and license or certification requirements include: Hold an accredited Bachelor in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 9 years of experience in cyber security and/or secure system/embedded systems. OR Hold an accredited Master in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 7 years of experience in cyber security and/or secure system/embedded systems. OR Hold an accredited Ph.D. in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 4 years of experience in cyber security and/or secure system/embedded systems. Skills and abilities include: Experience with the Risk Management Framework (RMF), knowledge of embedded system security architectures and engineering approaches to building system security solutions, experience with Department of Defense, Government Certification and Authorizing Officials or federal customer base, and Software development experience in one of the following core languages: C, C++, or C#. Understanding security vulnerabilities found via security tools (i.e., HP Fortify, Klocwork, Nessus/Tenable, and others) and you have static/dynamic code analysis experience. Excellent written and oral communication skills, the ability to understand and follow complex, detailed instructions, and the ability to work both independently and in a team environment. Must be able to approach technical problems logically and scientifically. Must be flexible and able to handle multiple priorities, and be able to work for short to moderate periods without direct supervision. Computer skills, familiarity with basic shop tools and/or machine equipment, and an aptitude and understanding of basic electrical, mechanical, optical, or software engineering principles. Requires technical writing and documentation skills. CISSP or equivalent certification. Travel/Physical Requirements: Able to travel domestically and internationally up to 20% to support projects.